<?php
if (!defined('APP') or !constant('APP')) die('Direct access not allowed!');

class DemotCommentModel
{    
    public static function activate($id)
    {   
        $data = array();
        $data[':id'] = intval($id);
        
        if ($data[':id']==0) return false;
        
        $query = "UPDATE `demots_comments` SET `is_active`=1 WHERE `id`=:id";   
            
        $result = DB::getPDO()->prepare($query);
        
        return $result->execute($data);            
    }
    
    public static function update($request)
    {   
        $data = array();
        $data[':id'] = isset($request['id']) ? intval($request['id']) : 0;
        
        if ($data[':id']==0) return false;
        
        $data[':name'] = isset($request['name']) ? htmlspecialchars($request['name']) : "Bład w nazwie";
        
       // if (strlen(trim($data[':name']) == 0)) return;
             
        $query = "UPDATE `demots_comments` SET `name`=:name WHERE `id`=:id";   
            
        $result = DB::getPDO()->prepare($query);
        
        $result->execute($data);            
    }
    
    public static function count()
    {
        $query = "SELECT COUNT(*) FROM `demots_categories`";
        $result = DB::getPDO()->prepare($query);
        $result->execute();  
        $result = $result->fetch();
        
        if (sizeof($result) < 1) { return 0; }

        return $result['COUNT(*)'];   
    }
    
    public static function save($request)
    {
        $data = array();
        
                 
        $data[':content'] = isset($request['content']) ? htmlspecialchars($request['content']) : "Bład w nazwie";
        $data[':id_demot'] = isset($request['id_demot']) ? intval($request['id_demot']) : 0;
                
        if (trim($data[":content"])=='')  
        {
            flash_message::setMessage("Wpisałeś pusty komentarz!");
            System::redirect("index.php?controller=demot&action=showDemot&id=".$data[':id_demot']);
            return false; 
        } 
                     
        $check_data=array(
            ':id_demot'=> $data[':id_demot'],
            ':id_user' => intval(UserModel::isLoggedIn()) );
                
        if ($request['token'] != $_SESSION['comment_form_token']) { 
            flash_message::setMessage("Błedy token!");
            System::redirect("index.php?controller=demot&action=showDemot&id=".$data[':id_demot']);
            return false; 
        }
       
        unset($_SESSION['token']);
        
        $query = "SELECT date FROM `demots_comments` WHERE id_demot = :id_demot AND id_user = :id_user ORDER by date DESC LIMIT 1; ";
        $result = DB::getPDO()->prepare($query);
        $result->execute($check_data);  
        $result = $result->fetch();
        
        if (sizeof($result) > 1) 
        { 
            // sprawdzenie przed atakiem na komentarze
            // komentarze muszą być wstawiane przez użytkownika z opóźnieniem 60 sek.
            $last_comment_time = date("h:i:s",strtotime($result['date']));
            $now = date("h:i:s",strtotime("now"));
            $diff = strtotime($now)  - strtotime($last_comment_time);

            $diff = (int)($diff);
            //die($diff."");
            if ($diff<=1*60)
            {
                flash_message::setMessage("Komentarze należy dodawać co najmniej z ".(60-$diff)." sek. opoźnieniem");
                System::redirect("index.php?controller=demot&action=showDemot&id=".$data[':id_demot']);
                return false;
            }
        }
        
        
        $data[':id_user'] = intval(UserModel::isLoggedIn());
   
        
        //if (strlen(trim($data[':name']) == 0)) return;
                        
        $query = "INSERT INTO `demots_comments` (`content`, `id_demot`,`id_user` ) VALUES (:content, :id_demot, :id_user);";
        
        $result = DB::getPDO()->prepare($query);
       
        return $result->execute($data);      
    }
    
      public static function delete($id)
    {        
        $data = array(':id' => intval($id));
       
        $query = "DELETE FROM `demots_comments` WHERE id = :id";
        $result = DB::getPDO()->prepare($query);
        $result->execute($data);  
        return $result;
    }
    
    public static function fetch($id)
    {
        $data = array(":id" => intval($id));
        $query = "SELECT * FROM `demots_comments` WHERE id = :id";
        $result = DB::getPDO()->prepare($query);
        $result->execute($data);  
        $result = $result->fetch();
        return $result;
    }
    
    public static function fetchAll()
    {
        $query = "SELECT * FROM `demots_comments` ORDER by date DESC";
        
        $result = DB::getPDO()->prepare($query);
        $result->execute();  
        
        $result = $result->fetchAll();               
      
        return $result;
    }
    
    public static function fetchAllByDemotId($id_demot)
    {
                
        $data=array(':id_demot'=>intval($id_demot));
               
        
        $query = "SELECT * FROM `demots_comments` `d`, `users` `u` WHERE `d`.id_user = `u`.id AND `d`.id_demot=:id_demot AND `d`.is_active = 1 ORDER by date DESC; ";
        
        $result = DB::getPDO()->prepare($query);
        $result->execute($data);  
        
        $result = $result->fetchAll(); 
 
        return $result;
    }
}